Azure Site Recovery: Our Commitment to Keeping Your Data Secure

Azure Site Recovery helps protect your applications in the event of a disaster by orchestrating recovery operations securely from an easy to use 24/7 Azure based service. Last year, Brad Smith, General Counsel & Executive VP of Legal & Corporate Affairs of Microsoft clearly stated in his blog Microsoft’s commitment to privacy of customer’s data. Azure Site Recovery was designed ground up as a hybrid IT service composed of both cloud & on-premises components aligning to Microsoft’s privacy commitments. Specifically:

Encrypt customer data in transit and at rest

Use best-in-class industry cryptography to protect all channels, including Perfect Forward Secrecy and 2048-bit key lengths

Azure Site Recovery follows service oriented architecture composed of three key components:

Azure Site Recovery protection & recovery experiences are in the Azure Management Portal, which provides a single management interface for customers managing all Azure assets across multiple disaster recovery sites with 24/7 access anywhere, everywhere.

Azure Site Recovery Provider is an on-premises component which is installed on the System Center Virtual Machine Manager (VMM) server and connects to the Azure Site Recovery service by making only outbound connections. The provider needs to connect to the Internet and can leverage an on-premises proxy server thereby removing the need for a direct Internet connection from VMM server.

Azure Recovery Service Agent is an on-premises component installed on each of the Windows Hyper-V Server hosting virtual machines for on-premises to Azure protection. The agent needs to connect to the Internet and can leverage an on-premises proxy server thereby removing the need for a direct Internet connection from the Hyper-V server.

The key channels where the customer’s on-premises components interact with Azure Site Recovery cloud-based service are:

Communication channel

Azure Site Recovery Provider installed on the VMM server & Azure Recovery Services Agent installed on the Hyper-V host communicates to the Azure Site Recovery services in Azure for all the operational activities such as failover, health monitoring etc. It is critical to ensure that this channel is secure.

To that end, all communication channels between on-premises to Azure Site Recovery services are evoked over 443(HTTPS) and every request is then authenticated using industry standard X.509 certificates thereby providing complete data security while in transit to Azure.

On top of the secure communication channel; a Vault Key, a customer specific key collected while registering VMM, is used by on-premises Provider for ensuring operation integrity from Azure. Azure multi-factor authentication adds an additional layer of security for your Azure administrators who want to access Azure portal for managing Azure Site Recovery.

Replication channel

Azure Recovery Services Agent on the Hyper-V host machines replicates the virtual machine to the specified customer’s storage account. It is critical to ensure all data transferred through this channel is secure, therefore the data is encrypted on-premises using a customer managed X.509 encryption certificate before replicating into the customer’s geo-redundant storage account in Azure, which is then transferred over the secure communication channel mentioned above. Providing the complete data security at rest in Azure.

The customer’s virtual machine data at rest encryption uses AES-256. Customers should ensure that the customer managed encryption certificate is stored at a secure location and only during actual disaster recovery operation or during a mock DR drill must the customer provide the customer managed encryption certificate so that the virtual machine can be instantiated under the customer’s subscription in Azure.

Azure Site Recovery also encrypts customer content as it moves between our data centers. We are 100% committed to our security and privacy promises, and will continue to use best-in-class industry cryptography to protect our customers’ data in transitandat rest.